Rajwinder Singh

**Name of the Vulnerable Software and Affected Versions** ZUUSE BEIMS ContractorWeb .NET version 5.18.0.0 **Description** The issue allows SQL injection via certain parameters. The vulnerable parameters include `tradestatus`, `assetno`, `assignto`, `building`, `domain`, `jobtype`, `site`, `trade`, `woType`, `workorderno`, or `workorderstatus`. **Recommendations** For ZUUSE BEIMS ContractorWeb .NET version 5.18.0.0, consider restricting access to the affected parameters to minimize the risk of exploitation. Avoid using the parameters `tradestatus`, `assetno`, `assignto`, `building`, `domain`, `jobtype`, `site`, `trade`, `woType`, `workorderno`, or `workorderstatus` until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** osTicket version 1.10.1 **Description** The issue is related to the upload functionality in osTicket, which fails to properly validate the contents of uploaded files. This allows an attacker to upload arbitrary files, including those with malicious content, by modifying the file extension. For example, a `tickets.php` request can be modified to upload a file with a `.exe` extension, potentially allowing the upload of malicious files. The vulnerability can be exploited by a remote attacker to upload harmful files to the web application. **Recommendations** For osTicket version 1.10.1, consider disabling the file upload functionality until a proper fix is available, or restrict the types of files that can be uploaded to prevent malicious content from being uploaded. As a temporary workaround, restrict access to the `tickets.php` script to minimize the risk of exploitation.